CVE-2024-2397 - Vulnerability Details - OpenCVE

ReportizFlow

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2
https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/
https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html
https://nvd.nist.gov/vuln/detail/CVE-2024-2397
https://www.cve.org/CVERecord?id=CVE-2024-2397

History

Tue, 03 Sep 2024 14:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html

MITRE

Status: PUBLISHED

Assigner: Tcpdump

Published: 2024-04-12T13:22:01.636Z

Updated: 2024-09-03T13:34:59.230Z

Reserved: 2024-03-12T10:29:32.095Z

Link: CVE-2024-2397

Vulnrichment

Updated: 2024-09-03T13:34:59.230Z

NVD

Status : Awaiting Analysis

Published: 2024-04-12T14:15:07.657

Modified: 2024-11-21T09:09:39.813

Link: CVE-2024-2397

Redhat

Severity : Low

Publid Date: 2024-04-12T00:00:00Z

Links: CVE-2024-2397 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-2397", "assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896", "state": "PUBLISHED", "assignerShortName": "Tcpdump", "dateReserved": "2024-03-12T10:29:32.095Z", "datePublished": "2024-04-12T13:22:01.636Z", "dateUpdated": "2024-09-03T13:34:59.230Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["PPP printer"], "product": "tcpdump", "vendor": "The Tcpdump Group", "versions": [{"lessThan": "b9811ef", "status": "affected", "version": "0d4083e", "versionType": "git"}]}], "datePublic": "2024-04-12T11:00:00.000Z", "descriptions": [{"lang": "en", "value": "Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21."}], "exploits": [{"lang": "en", "value": "A functional exploit exists."}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896", "shortName": "Tcpdump", "dateUpdated": "2024-04-12T13:22:01.636Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"}], "source": {"discovery": "EXTERNAL"}, "title": "infinite loop in the PPP printer of tcpdump"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T17:39:23.683099Z", "id": "CVE-2024-2397", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T17:39:31.449Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-03T13:34:59.230Z"}, "references": [{"url": "https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html"}, {"tags": ["patch", "x_transferred"], "url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"}, {"tags": ["x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"}, {"tags": ["x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html"}, {"url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2", "tags": ["patch", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/", "tags": ["x_transferred"]}], "x_generator": {"engine": "ADPogram 0.0.1"}, "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-03T13:34:59.230Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2397", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-31T17:39:23.683099Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T17:39:28.524Z"}}], "cna": {"title": "infinite loop in the PPP printer of tcpdump", "source": {"discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "The Tcpdump Group", "modules": ["PPP printer"], "product": "tcpdump", "versions": [{"status": "affected", "version": "0d4083e", "lessThan": "b9811ef", "versionType": "git"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "A functional exploit exists."}], "datePublic": "2024-04-12T11:00:00.000Z", "references": [{"url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2", "tags": ["patch"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"}], "descriptions": [{"lang": "en", "value": "Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896", "shortName": "Tcpdump", "dateUpdated": "2024-04-12T13:22:01.636Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2397", "state": "PUBLISHED", "dateUpdated": "2024-09-03T13:34:59.230Z", "dateReserved": "2024-03-12T10:29:32.095Z", "assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896", "datePublished": "2024-04-12T13:22:01.636Z", "assignerShortName": "Tcpdump"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21."}, {"lang": "es", "value": "Debido a un error en la gesti\u00f3n de los b\u00faferes de datos de paquetes, la impresora PPP en tcpdump puede entrar en un bucle infinito al leer un archivo guardado DLT_PPP_SERIAL .pcap manipulado. Este problema no afecta ninguna versi\u00f3n de tcpdump, pero afect\u00f3 a la rama git master del 2023-06-05 al 2024-03-21."}], "id": "CVE-2024-2397", "lastModified": "2024-11-21T09:09:39.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-04-12T14:15:07.657", "references": [{"source": "[email protected]", "url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "[email protected]", "type": "Secondary"}]}

{"bugzilla": {"description": "tcpdump: Crafted .pcap file may lead to Denial of Service", "id": "2274792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274792"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-835", "details": ["Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.", "A flaw was found in tcpdump. Trying to print content from a maliciously crafted .pcap file may lead to an infinite loop, resulting in a denial of service. This issue is considered low severity; for a successful attack to happen, a user must open a crafted file, and it will only crash a single user's execution of tcpdump."], "name": "CVE-2024-2397", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-2397\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-2397"], "threat_severity": "Low"}